Vulnerabilities of iot

It seems nowadays that you can put ‘smart’ in front of any word and it suddenly becomes all the rage. It began with smart phones and has spread to smart homes, smart toys, smart watches, smart assistants...the possibilities are endless. But when it comes to certain aspects of our lives, consumers are rightly skeptical of the potential for absolute connectivity. In a market that’s still nascent, quality and security are especially important. Consumers need to be convinced that their new product will both work well and be safe. To ensure that connected devices are both secure and functional, manufacturers are going to have to consider unfamiliar situations and manage new challenges. One of the most effective and efficient ways of tackling these challenges is through new methods of testing. Testing is crucial for the IoT As our devices become smarter, more challenges arise both for the product manufacturers and for the software developers testing … [Read more...] about What the rise of IoT means for your testing practices

In 1903, magician and inventor Nevil Maskelyne disrupted a public demonstration of Marconi’s purportedly secure wireless telegraphy technology by sending insulting Morse code messages through the auditorium’s projector. Although Maskelyne’s “Gray Hat” stunt is now only a distant memory, industry experts are still grappling with the challenge of securing new technology well over a century later for a rapidly evolving Internet of Things (IoT). Comprising billions of endpoints, the IoT isn’t limited to traditional mobile devices such as smartphones or tablets. Rather, the Internet of Things includes wearables, medical devices, smart appliances, semi-autonomous vehicles and even intelligent sensors. For example, dedicated medical devices that were previously stand-alone platforms – including infusion pumps and implantable heart devices – are now coming online en masse. A number of these devices are equipped with standard electronic components … [Read more...] about The Challenges Of IoT Security

Trying to make sense of Internet of Things standards today is like opening a can of worms. Definitions are still shaking out, consortia are popping up quickly, and everyone is in a mad scramble to capture their piece of the much lauded potential of an intimately connected world of devices.With so many points to consider, security is a good place to start.It is obvious from the proliferation of news articles about the latest in hacking successes, it’s not enough just to secure the perimeter of a network and think the devices inside of that are going to be secure.“To anyone who’s been in the industry and really paying attention it’s clear that having perimeter security, while a critical piece of the security solution, isn’t sufficient,” said Alan Grau, president of Icon Labs. “There have been all kinds of reports in the news where people are able to breach security perimeters. The IoT at some level is no different. You can’t just say a … [Read more...] about Taking Stock Of IoT Standards

The Internet of Things, or IoT, consists of "uniquely identifiable objects and their virtual representations in an Internet-like structure," according to Wikipedia.The IoT is "the network of physical objects accessed through the Internet," according to Cisco Systems.In addition to there being no clear definition of the IoT, estimates vary widely about the number of unique devices it includes. There are an estimated 26 billion devices, according to Gartner, but a whopping 212 billion, according to IDC. The IoT includes GPS in cellphones and tablets, as well Internet-accessible technologies like RFID (radio frequency identification), QR codes and barcodes.The global economic impact of these "things" lumped together as the IoT, often labeled "devices," is significant.The Internet of Things has the potential to create an economic impact of US$2.7 trillion to $6.2 trillion annually by 2025, Microsoft said, based on statistics from McKinsey Global Institute.As a result of the IoT, … [Read more...] about TECHNOLOGY LAW CORNER The Tangled Web of IoT Security

The potential of today’s technology reaches far beyond each device’s individual capabilities.Innovators are no longer limited to just the devices they have in front of them. Thanks to the Internet of Things (IoT) they can now take advantage of what an entire network of interconnected devices can do together.IoT is the inter-networking of “smart” devices, such as those used in homes, offices, and vehicles. These devices are embedded with electronics, software, sensors, actuators, and network connectivity, and can collect and exchange data. This comprehensive network opens up an endless possibility of opportunities for technological innovation, which scientists and engineers in numerous areas of R&D and technology have already taken advantage of.During the month of September, R&D Magazine highlighted exciting advancements, technologies, as well as some challenges, within IoT. Here’s what we covered: The Potential of IoT We kicked off our reporting … [Read more...] about R&D Special Focus: Internet of Things (IoT)

A perfect cybercrime storm is brewing, and two of the main ingredients are ransomware and the Internet of Things.Cybercrime has become an industry with all the operational trappings of any legitimate sector, McAfee Labs noted in its five-year threat review released earlier this month. It has its own supply chain, market segments, service providers, and finance and trading systems. It has its own business models.On the other hand, the Internet of Things is young, McAfee pointed out. Smart device hacks and data breaches are just beginning to make headlines, and the insecurity of many connected gadgets is raising alarms.Given the resources and capabilities of cybercrime operators and the relative unsophistication of IoT device security, one trend in particular is ominous. Ransomware is on a tear.The number of ransomware samples identified grew 127 percent from Q2 2014 to Q2 2015, McAfee Labs noted in its report.Ransomware on the PC -- where malware locks down a computer until the user … [Read more...] about Will the IoT Be Held for Ransom?

With shadowy botnet armies lurking around the globe and vigilante gray-hat actors inoculating susceptible devices, the appetite for Internet of Things security is stronger than ever."If you throw IoT on a con talk, you've got a pretty good chance to get in," remarked information security professional Jason Kent, as he began his presentation at Chicago's Thotcon hacking and security conference last week.While the vulnerabilities he described may not have been the ones researchers find the most thrilling, they served to illustrate just how much work remains to be done to shore up simple, but devastating, security holes.With the likes of the Mirai and Hajime botnets preying on swaths of IoT devices that have weak root account passwords and open telnet ports, security professionals are understandably keen on nudging the industry away from these pitfalls.However, there are serious shortcomings in SSL implementation and information security practices found in many IoT companion mobile apps, … [Read more...] about The IoT’s Scramble to Combat Botnets

Millions of IoT devices are vulnerable to cybersecurity attacks due to a vulnerability initially discovered in remote security cameras, Senrio reported this week.The firm found the flaw in a security camera developed by Axis Communications, one of the world's biggest manufacturers of the devices.The Model 3004 security camera is used for security at the Los Angeles International Airport and other places, according to Senrio.The problem turned out to be a stack buffer overflow vulnerability, which the firm dubbed "Devil's Ivy."Axis notified the security firm that 249 different models of the camera were affected by the vulnerability. It found only three models that were unaffected. The problem lies deep in the communication layer of gSOAP, an open source third-party toolkit that is used by all kinds of device makers for IoT technology, according to Senrio.gSOAP manager Genivia reported that the toolkit has been downloaded more than 1 million times, according to Senrio. Most of the … [Read more...] about Open Source Flaw ‘Devil’s Ivy’ Puts Millions of IoT Devices at Risk

Malware targeting Linux systems is growing, largely due to a proliferation of devices created to connect to the Internet of Things.That is one of the findings in a report WatchGuard Technologies, a maker of network security appliances, released last week.The report, which analyzes data gathered from more than 26,000 appliances worldwide, found three Linux malware programs in the top 10 for the first quarter of the year, compared with only one during the previous period."Linux attacks and malware are on the rise," wrote WatchGuard CTO Corey Nachreiner and Security Threat Analyst Marc Laliberte, coauthors of the report. "We believe this is because systemic weaknesses in IoT devices, paired with their rapid growth, are steering botnet authors towards the Linux platform."However, "blocking inbound Telnet and SSH, along with using complex administrative passwords, can prevent the vast majority of potential attacks," they suggested.Linux malware began growing at the end of last year with the … [Read more...] about IoT Fuels Growth of Linux Malware

Billions of voice-activated Internet of Things devices may be subject to external attack due to BlueBorne vulnerabilities,Armis revealed on Wednesday.Hackers could exploit BlueBorne to mount an airborne attack, using Bluetooth to spread malware and access critical data, including sensitive personal information.More than 20 million Amazon Echo and Google Home digital assistant speakers could have been impacted by the flaws, but both Amazon and Google already have taken the matter in hand.Amazon customers don't need to take any action, as its devices will be updated automatically with the needed security fixes, said spokesperson Sarah Sobolewski."Customer trust is important to us, and we take security seriously," she told TechNewsWorld.Google users also need not take any action, as Google Home was patched several weeks ago, the company said.Neither Google nor Armis have found any evidence of BlueBorne in the wild. The BlueBorne vulnerabilities could allow a man-in-the-middle attack, … [Read more...] about Newly Revealed Flaw Could Subject IoT Devices to Airborne Attacks